Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The DevOps Services Portal's import service action require two python scripts to run.

The first script returns the deployment policy that will be used for the import (it gets the user selected deployment policy and may override it)
The second script analyzes and validate the import file - for example, checks that it does not include a domain export

You may download and customize the sample scripts from https://bitbucket.org/montier/servicesportalscripts/src
If you wish to develop your own scripts, or customize the sample scripts, please follow the following guidelines.

Run Python -V from ssh to determine the Python version that comes with your DPOD installation.

Folder Structure

Each import execution receives a unique UUID - you can view the UUID in the DevOps Action Executions Status Page
Before each execution, DPOD creates a folder that will hold all files for this execution. the scripts are executed from this folder.
The default folder path (basePath) is /app/tmp/servicesportal/import/<uuid>
All execution files and folders older than 7 days will be automatically deleted by DPOD


When importing a service into multiple domains/devices, DPOD will run a separate import action for each service, so the scripts will run multiple times, each time the current imported service parameters will be passed and a new folder structure will be created.

Deployment Policy Selector Script

Input Parameters:

  1. Device Name of the target
  2. Domain Name of the target
  3. Service Name
  4. Object Class (MPGW, XMLFW)
  5. Executing User Name
  6. Execution Source (UI or REST)
  7. Execution UUID
  8. The deployment policy file name that was selected by the user (without the path), or the value "noPolicy" if no policy was selected
  9. The path where all policy files are stored (you may change this path from system parameters)

Output:

  1. For the import process to continue, the script must end with RC=0, in this case, DPOD will use the deployment policy content that was written to the file "deployment-policy.txt"
    The deployment policy should contain the inner part of the XML path /configuration/ConfigDeploymentPolicy (check out the sample script for an example on how to extract it):,
    for example: 
Paste code macro
<mAdminState read-only="true">enabled</mAdminState>
<AcceptedConfig>*/*/wsm/wsm-endpointrewrite</AcceptedConfig>
<FilteredConfig>*/*/xml/samlattr</FilteredConfig>
<ModifiedConfig>
<Match>*/*/network/host-alias?Name=.*&Property=IPAddress&Value=1.1.1.1</Match>
<Type>change</Type>
<Property />
<Value>2.2.2.2</Value></ModifiedConfig>

2. If the script returns an RC > 0, DPOD's processing will stop, and an error message will be displayed, the error message will be the content of the file "deployment-policy.txt"

Sample Flow:

  1. If the user selected deployment policy name X and the service name is Y - leave the deployment policy name as it is
  2. If the user selected deployment policy name Z and the service name is Q or the Device Name is T - change the deployment policy name to V...
  3. Next, if the deployment policy's extension is ZIP - extract it to a temp folder (and use /deppolicy/export.xml as the deployment policy file name)
  4. Read the file as an XML tree
  5. Run some validations on the XML - check that there is only one deployment policy element in the XML
  6. Read the inner XML part of /configuration/ConfigDeploymentPolicy and write it to "deployment-policy.txt" for DPOD to use
  7. Return with RC=0


Import File Validation Script

Input Parameters:

  1. Import File Name
  2. Import File Format (ZIP, XML, XCFG)
  3. Device Name of the target
  4. Domain Name of the target
  5. Service Name
  6. Object Class (MPGW, XMLFW)
  7. Executing User Name
  8. Execution Source (UI or REST)
  9. Execution UUID
  10. The deployment policy file name that was selected by the user, or the value "noPolicy" if none was selected, the deployment policy may have been overridden by the deployment policy selector script, you can read its content from deployment-policy.txt
    Note: Changes made to deployment-policy.txt by this validator script will not be reflected.

Output:

  1. For the import process to continue - the script must end with RC=0
  2. If the script ends with RC>0, the import will stop, any error messages written to the file "validation-output.txt" will be shown in the web console and the logs

Sample Flow:

  1. if the file is a ZIP file - extract it
  2. Make sure the "export.xml" file  exists - if not, end with an error (write and error message to the file "validation-output.txt"  and end with RC=1)
  3. Read the export.xml file as XML tree
  4. Make sure there is no /domains element (and if there is - end with error, domain export is not allowed)
  5. Make sure there is only one service's configuration in the export file
  6. Search the XML tree for /configuration/objectClass[@name=serviceName] - to make sure the file contains an export for the selected service - if not, end with error
  7. Exit with RC=0